Skill audit report

Insider audit report.

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

EXPERIMENTAL · REVIEWNeeds reviewGenerated Jun 16, 2026Heuristic metadata audit

Audit

Trust

Quality

Security

Maintain

Install

OpenAgentSkill Trust Score

Strong shortlist

Stars, maintenance, license, docs, dependency risk, and installability.

The Trust Score is OpenAgentSkill's adoption layer. It is designed to help an agent decide whether a skill is safe enough to shortlist before installation.

GitHub adoption

INFO

553 GitHub stars

Recent maintenance

FAIL

4y since push

License clarity

PASS

MIT

README/SKILL.md completeness

PASS

Metadata includes enough usage and workflow context

Dependency risk

INFO

command execution surface

Install availability

PASS

npx skills add insidersec/insider

Repository evidence

PASS

https://github.com/insidersec/insider

Review status

PASS

AI review data available

Checks

Install and adoption review

6 passed · 6 review

Install path

PASS

npx skills add insidersec/insider

Repository

PASS

https://github.com/insidersec/insider

License

PASS

MIT

Maintenance

FIX

4y since push

AI review

PASS

Approved with no listed issues

README/SKILL.md completeness

PASS

Usable description available

Dependency risk

CHECK

command execution surface

Adoption

PASS

553 GitHub stars

Warnings

Repository appears stale
Repository looks stale
Quality score needs review
Recent maintenance: 4y since push

Method

This report combines public metadata, AI review output, repository freshness, install readiness, OpenAgentSkill events, quality scoring, trust checks, and the agent safety gate. It is not a full source-code security review.

Install path

Review the report before installing into production agents.

$ npx skills add insidersec/insider

Signals

Audit score: 66/100
Quality: 54/100
Trust: 73/100
Maintenance: 4y since push
Events: No events yet
GitHub stars: 553
Last push: Apr 10, 2022

Agent safety v2

38/100 · Avoid automatic install

Experimentalreview

Sparse or mixed signals. Useful for discovery, but not for autonomous installation.

Test manually in an isolated workspace and compare against safer alternatives.

High-risk permission hints: Shell or command execution
38/100 agent safety score

Shell or command execution

high

Skill metadata references terminal, CLI, shell, subprocess, or command execution workflows.

Network access

medium

Skill likely fetches remote pages, APIs, repositories, or external services.

Filesystem access

medium

Skill may read or write project files, documents, generated artifacts, or local workspace state.

High-risk permission hints: Shell or command execution
Repository appears stale

Back to skill Alternatives Audit badge SVG

Compare nearby options

Related skills to audit next

Gemini CLI

Bring a coding agent directly into the terminal

105K stars · Audit report

System Prompts And Models Of AI Tools

FULL Augment Code, Claude Code, Cluely, CodeBuddy, Comet, Cursor, Devin AI, Junie, Kiro, Leap.new, Lovable, Manus, NotionAI, Orchids.app, Perplexity, Poke, Qoder, Replit, Same.dev, Trae, Traycer AI, VSCode Agent, Warp.dev, Windsurf, Xcode, Z.ai Code, Dia & v0. (And other Open Sourced) System Prompts, Internal Tools & AI Models

139K stars · Audit report

Caveman

🪨 why use many token when few token do trick — Claude Code skill that cuts 65% of tokens by talking like caveman

72K stars · Audit report